Cyber Security Jobs & The Skills Gap

Both the UK and US governments are continuing to hire cyber security professionals. Commercial business  around the world is hiring IT and Cyber professionals with the requisite knowledge and skills to help organisations protect themselves against the growing cyber security threats.

The number of unfilled jobs in this area continues to increase, with no foreseeable drop-off in the immediate future. More importantly, however, is the fact that this career path already has a million unfilled jobs. 

Corporations, businesses, and governments cannot seem to fill all of their open positions. This is a troubling trend, especially considering the growing number of cyber criminals and the growing threat of cyber-crime. Knowing ahead of time which jobs you might apply for matters. While most cyber security professions do require a similar set of skills, most will have certain upfront requirements that you may not meet. 

When that happens, you’ll likely have one of two primary options: Gain the requisite knowledge before you apply, or acknowledge your lack of training, but apply anyway.

The first option might seem like a better one, but don’t jump to too many conclusions here. Cyber security jobs are still incredibly hard to fill. If a company believes that you have a good technical foundation, they may be more than willing to hire you for the job and help you get the rest of the skills you need to perform those job duties in full.

Computer security jobs cover several core skills areas, but they are far from the same. And when applying for your first job in cyber security, you might want to avoid sounding like you’re not talking about the correct field. You’ll see the computer and internet-related security fields come with a lot of different titles: internet security, network security, cyber security, information security. It’s easy to assume they’re all the same thing, but understanding the nuances between them may place you further up the list of potential applicants. 

Network Security and Cyber Security
IT and networking leader Cisco states that “network security” is “any activity designed to protect the usability and integrity of your network and data.” That protection includes both software and hardware solutions. It’s best to think of network security as security efforts designed to help ensure that the network is strong from the inside, and focuses its efforts on ensuring that the “castle walls” are strong.

Undoubtedly, of the many computer-related security branches, network security is perhaps the largest and as you might notice, while network security primarily focuses on activities that occur within the network, it’s designed around keeping malicious actors from accessing those networks. 

A large focus for network security is on looking at how individuals within the network are working with and accessing the information or resources. After all, there’s no point in having internal security measures in place if someone on the inside with rights access is giving it all away (or acting against the network themselves).

Information Security
Perhaps one misconception with cyber security is that the only individuals hired into this industry were former hackers or those who have been poking around networks since they were children.

However, anyone can get into cyber security by acquiring the proper training and education.

Where network security is more centered around preventing unauthorized access to a network or misuse of that network from within, information security is more singularly focused on preventing information from falling into the wrong hands. Quite understandably, information security (often called “infosec”) and network security have a lot of overlap. For example, some of the same software used by network security professionals will also be used by information security professionals.
Information security professionals, who may also be called “data security” workers, are often concerned about the acronym C.I.A: Confidentiality, Integrity, and Availability of data. 

For infosec professionals, this means that network architecture is not so much important as it is making sure that the data within that network is protected, viable and accessible for users, as well as kept out of the hands of individuals who might abuse that data. 

Infosec professionals will, therefore, be far more concerned about what happens to the data after a data breach and will spend far more time concerned about data stored on the servers. All of that taken together, however, cyber security/network security and information security are increasingly falling under the same banner. Still, there are some differences you may want to consider when looking for jobs, as most security jobs will eventually require you to specialise in a few key areas. 

Much like any other area of study, the entire field is a bit too broad for one person to easily become an expert in all facets. You can, however, focus more on data security or more on network security as your primary field of expertise.

Cybersecurity talent is still expensive and hard to find.
One reason for this is the very fact that cybersecurity is now more widely considered a critical function. Demand for security skills, once limited primarily to government and the defense industry, has spread throughout the economy. The changing priorities and tactics of cybersecurity are reflected in hiring patterns.

Overall, the field is emphasizing deploying automation and managing risk more effectively. That is partly in the belief that these tactics will be more effective in preventing breaches, but it is no coincidence that they also alleviate the need for hard-to-hire human workers. In addition, projections show that the next generation of cyber-security workers will need skills in Cloud Security and the Internet of Things.

Key Findings in the US, which often apply World-Wide:

  • The number of cybersecurity job postings has grown 94% since 2013, compared to only 30% for IT positions overall. That’s over three times faster than the overall IT market.
  • Cybersecurity jobs account for 13% of all information technology jobs. On average, however, cybersecurity jobs take 20% longer to fill than other IT jobs, and they pay 16% more. On average, that works out to more than $12,700 per year.
  • Yet for most IT workers, cybersecurity is one among many responsibilities rather than a dedicated role. More than half of jobs demanding cybersecurity skills are in fact other IT roles, where security is only one part of a broader job description.
  • Demand for automation skills in cybersecurity roles has risen 255% since 2013, and demand for risk management rose 133%.
  • Public cloud security (170%) and knowledge of the Internet of Things (140%) are projected to be the fastest-growing cybersecurity skills in demand over the next five years.

Comparitech:           Burnng-Glass:          Computerworld

You Might Also Read:

Want A Career In Cybersecurity?:

Are Women Better At Cyber Security?:

 

« Is The Cloud Skills Gap A Problem?
Shockwave - A Global Transformation In Warfare »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Patchstack

Patchstack

Patchstack (formerly WebARX) is a web application security platform, which allows digital agencies and developers to monitor, protect and maintain their websites.

French Expert Center Against Cybercrime (CECyF)

French Expert Center Against Cybercrime (CECyF)

CECyF is a centre of excellence for countering cybercrime in France.

Aeriandi

Aeriandi

Aeriandi is a leading provider of hosted PCI security compliance solutions for call centres, trusted by high street banks and major Telcos.

Outsource UK

Outsource UK

Outsource UK is an independent recruitment company supplying highly-skilled technology, change and engineering talent to clients within a range of specialist sectors including Cyber Security.

Early Birds

Early Birds

Early Birds is a Business to Business (B2B) marketplace for Innovators (Startups/Scaleups) and Early Adopters to exchange value early on.

Blue Cedar

Blue Cedar

Blue Cedar's mobile app security integration platform secures and accelerates mobile app deployment for enterprises and government organizations around the world.

Nexum

Nexum

Nexum takes a comprehensive approach to security, from detecting and preventing network threats, to equipping you with the information, tools and training you need to effectively manage IT risk.

Dhound

Dhound

Dhound is a cybersecurity company providing web application penetration testing.

Grip Security

Grip Security

Grip Security provides comprehensive visibility, governance and data security to help enterprises effortlessly secure a burgeoning and chaotic SaaS ecosystem.

FortifyIQ

FortifyIQ

FortifyIQ's mission is to advance maximum security against side-channel attacks across the entire computing spectrum.

PhishFirewall

PhishFirewall

PhishFirewall is an advanced AI-driven CyberSecurity Awareness Education, Threat Emulation, and Human Security Analytics Platform.

Muscope Cybersecurity

Muscope Cybersecurity

Muscope CYSR platform performs a risk assessment and offers a comprehensive overview of the potential cyber attack risks.

Orbis Cyber Security

Orbis Cyber Security

Orbis is one of the leading cybersecurity company in USA. Our cybersecurity specialist defends your data, combat threat, and modernize your compliance.

Zeta Sky

Zeta Sky

Zeta Sky offers a full range of IT and cyber-security services for your business.

Excite Cyber

Excite Cyber

Excite Technology Services (formerly Cipherpoint) is focused on improving the security posture of our customers.

QRC Assurance & Solutions

QRC Assurance & Solutions

QRC is a PCI QSA, QPA, ISO accredited, CPA and CERT-IN empanelled organization with vast experience in conducting certification, regulatory audits, pen testing services, training and more.